Vikrant's Blog

CraftCMS Zero-day – SSTI + XSS triggering RCE

This article was updated and now includes the removed parts of the previous post. For POC and exploit, read the second part of this disclosure. This write up is a coordinated disclosure of CVE...

CraftCMS Zero-day – SSTI + XSS triggering RCE (Proof of Concept)

This article is a continuation of CraftCMS Zero-day – SSTI + XSS triggering RCE. Overview The vulnerability is exploited via XSS. Note that any XSS on the website (even outside of the craftCM...

Dynamic importing stuff in Python

Before I explain dynamic importing, lemme explain traditional import too for the sake of readers of all levels. To follow along, you must be at least familiar with the basics of Python. If you don’t un...

Getting Started with Greybox Testing

Blackbox testing is great, but if you want to learn how code works, this is where greybox testing comes in. Since you get access to the source code, you can see how code works and ...

From Burnout to RCE: Getting out of the rat race

Burnout is just the stress you are facing. This stress is normal when you work a lot but reach nowhere. It is like running in the rat race and trying to compete with other hunters for the money. Th...

You don’t need xss.rocks/xss.js

Many people focusing on XSS seem to miss one simple yet powerful thing: data URLs. While finding an XSS, hackers test the vulnerability with some hosted solution like xss.rocks or host their o...

Internal IP Address leak in Misconfigured WordPress to bypass WAF

Web Application Firewalls like CloudFlare are pretty good at protecting websites by tunnelling the traffic through their secure servers. But if the underlying IP address is leaked, such protection ...

Open Redirect in Flattr

This bug in Flattr was a low-impact Open Redirect that allowed an attacker to redirect the victim after authorizing Twitter. PoC https://flattr.com/settings/connect/twitter?redirect=https://hackberr...